5.15.137

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-05	CVE-2023-42754	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. local low complexity linux redhat fedoraproject CWE-476	5.5
2023-10-05	CVE-2023-42755	Out-of-bounds Read vulnerability in multiple products A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. local low complexity linux redhat debian CWE-125	5.5
2023-09-29	CVE-2023-44466	Classic Buffer Overflow vulnerability in Linux Kernel An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. network low complexity linux CWE-120	8.8
2023-09-28	CVE-2023-42756	Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. local high complexity linux redhat debian fedoraproject CWE-362	4.7
2023-09-27	CVE-2023-5197	Use After Free vulnerability in Linux Kernel A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325. local low complexity linux CWE-416	6.6
2023-09-06	CVE-2023-4244	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. local high complexity linux debian CWE-416	7.0
2023-09-06	CVE-2023-4622	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. local high complexity linux debian CWE-416	7.0
2023-08-21	CVE-2023-4459	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. local low complexity linux redhat CWE-476	5.5
2023-08-07	CVE-2023-4194	Incorrect Authorization vulnerability in multiple products A flaw was found in the Linux kernel's TUN/TAP functionality. local low complexity linux redhat fedoraproject debian CWE-863	5.5
2023-08-03	CVE-2023-4132	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. local low complexity linux redhat fedoraproject debian CWE-416	5.5